http://support.ipswitch.com/kb/IM-20000901-DM01.htm

This is a really bad bug in IMail.  If an Imail domain has the registry key 
for peer created, but the key is empty (in the registry and as shown 
"correctly" empty by the GUI), Imail will still accept all mail for any 
user in the domain and then bounce the mail.

rcpt to:<[EMAIL PROTECTED]>
250 ok accepted for peer <[EMAIL PROTECTED]>    !!!!!!!!!!!!!!!!

But, peering is not really turned on for mydomain.com.  Horrible 
vulnerability for dictionary attacks.

I discovered this when setting up reject_unverified_recipient on IMGate. 
Imail was telling IMGate's recipient probe that every user for mydomain.com 
was ok, and then Imail accepted the real msgs, and then bounced them as 
unknown user.  15K msgs in Imail's queue.

Len
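
Added example (not part of Len's message, and not IMail or IMGate code): a pre-check to run against your own backend before relying on reject_unverified_recipient, which asks for a few random, nonexistent recipients and reports whether the backend refuses them at RCPT time. The function names, the FakeBackend stand-in and the canary naming are assumptions made for illustration.

```python
import secrets
import smtplib

def canary_for(domain):
    """Random local part that should not exist as a mailbox (constructed)."""
    return f"no-such-user-{secrets.token_hex(8)}@{domain}"

def rcpt_behaviour(client, domain, probes=3):
    """Classify how a backend answers RCPT TO for unknown users.

    client: connected smtplib.SMTP-like object. No message is sent; each
    transaction is reset after the RCPT reply.
    """
    client.ehlo_or_helo_if_needed()
    verdict = "rejects-unknown"
    for _ in range(probes):
        client.mail("")                       # null sender, as a verify probe uses
        code, _msg = client.rcpt(canary_for(domain))
        client.rset()
        if 200 <= code < 300:                 # e.g. "250 ok accepted for peer"
            return "accepts-all"              # probe results cannot be trusted
        if 400 <= code < 500:
            verdict = "inconclusive"          # temporary failure, retry later
    return verdict

def check_host(host, domain, port=25):
    """Run the check against your own backend (host is supplied by the caller)."""
    with smtplib.SMTP(host, port, timeout=10) as client:
        return rcpt_behaviour(client, domain)

class FakeBackend:
    """Constructed stand-in for an SMTP server so the logic runs offline."""
    def __init__(self, known=(), accept_all=False, tempfail=False):
        self.known, self.accept_all, self.tempfail = set(known), accept_all, tempfail
    def ehlo_or_helo_if_needed(self):
        pass
    def mail(self, sender):
        return (250, b"ok")
    def rset(self):
        return (250, b"ok")
    def rcpt(self, addr):
        if self.accept_all or addr in self.known:
            return (250, b"ok accepted")
        return (451, b"try later") if self.tempfail else (550, b"unknown user")

if __name__ == "__main__":
    print(rcpt_behaviour(FakeBackend(["bob@mydomain.com"]), "mydomain.com"))
    print(rcpt_behaviour(FakeBackend(accept_all=True), "mydomain.com"))
```

A result of "accepts-all" means the gateway's recipient probes will pass for every address, so mail for unknown users will be relayed and then bounced by the backend.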

